Categories Corporate
Professional eBook

Information security for non-technical managers

(28 ratings )
3 reviews
75
Language :  English
This book presents a non-technical overview of the main elements of managing information security, where everyone, not just technical people, has a role to play.
Professional Plus subscription free for the first 30 days, then $6.99/mo
Access this book on our eReader, no adverts inside the book
Description
Content
Reviews

This book presents a non-technical overview of the main elements of managing information security, where everyone, not just technical people, has a role to play.

Modern economies are highly dependent on information systems and networks connected to “cyberspace” a virtual world with a population of several billion and growing.

Cyberspace is inherently insecure. Achieving acceptable information security requires building awareness of what it takes to achieve it, mitigating vulnerabilities in people, processes and technologies and constant adaptation to a rapidly changing environment.

  1. Information security in context
    1. A short history of information technologies and their side effects
    2. Why information security is increasingly important
    3. Ubiquity and irreversible dependencies
  2. Lessons identified in the last ten years
    1. The semantics of information security
    2. The major target areas in information insecurity
    3. What needs to be done to strengthen security is well known but not done well enough
    4. Certifications
    5. Asymmetries and consequences
    6. Maintaining security is everybody’s job
  3. Defining information security
    1. What is meant by “Information Security”
    2. Differences between Enterprise security, Information security and Information Technology security
  4. Managing information security in the enterprise
    1. Information Security Governance
    2. The components of information security governance
    3. Managing for security
    4. What makes a good Chief Information Security Officer (CISO)
    5. Your role as a manager
  5. The four domains of vulnerabilities
    1. Governance vulnerabilities
    2. People vulnerabilities
    3. Process vulnerabilities
    4. Technology vulnerabilities
  6. Other drivers of information insecurity
    1. Causes for concern
    2. External factors: the constantly changing landscape
    3. Information security should not inhibit innovative thinking
  7. Measuring security
    1. Measuring Information Security
    2. Reporting information security metrics
  8. Other information security topics
    1. Business Impact Analysis (BIA)
    2. Information Risk Management
    3. Planning for survival
    4. The legislative landscape
  9. Conclusions
  10. References
    1. Downloadable free of charge:
    2. Material requiring purchase
    3. Topics not covered in this book
  11. Appendix: Acknowledgements
  12. Endnotes
A very good read and information bank for all kinds of managers regardless of whether you have technical background or not. This is any manager's requirement to be successful.
Comprehensive in content since it has included vital concepts to further discuss the main topic.
Great book to be more aware on a critical issue which is too often not properly considered by professionals.
More reviews
About the Author

Dr Eduardo Gelbstein